Skip to main content

Military Health System

Important Notice about Pharmacy Operations

Change Healthcare Cyberattack Impact on MHS Pharmacy Operations. Read the statement to learn more. 

Skip subpage navigation

How HIPAA Protects You

The Health Insurance Portability and Accountability Act (HIPAA) is designed to balance privacy, efficiency, and quality. A covered entity generally does not need your permission to share your protected health information (PHI) with another covered entity for treatment, payment, or healthcare operations, commonly referred to as TPO. For example, a doctor will generally not ask your permission before:

  • Sending your records to a second doctor for a second opinion (treatment);
  • Consulting with another health care provider regarding your medical status (treatment);
  • Asking TRICARE for reimbursement for the services you received (payment);
  • Sharing medical services provided for coverage and justification of charges (payment);
  • Reviewing your records to conduct MHS provider training programs, including certification and licensing (health care operations); and
  • Reviewing your records to see if your doctor followed protocol (health care operations).

However, HIPAA does give you the right to:

  • Learn how the Military Health System (MHS) will use and disclose your PHI;
  • Request to limit who can access your PHI;
  • Find out when a covered entity discloses your PHI to others;
  • Request to view and receive a copy of your PHI; and
  • Request to amend your PHI if incorrect or incomplete.

HIPAA also requires the MHS to:

  • Make sure your PHI is stored securely if maintained electronically;
  • Make sure your PHI is available when you need healthcare; and
  • Notify you if your PHI is lost or stolen.

You also may be interested in...

Fact Sheet
May 14, 2014

General Mapping of HIPAA Security Rule to Existing DOD Policies and IA Controls

.PDF | 703.77 KB

This document represents an updated mapping of the HIPAA Security Rule to select DOD policies and IA controls. It does not constitute the rendering of legal advice or an exhaustive list of all possible mappings of the Security Rule to DOD policies or IA controls. The document is intended to provide general information and to allow different ...

Last Updated: July 11, 2023
Follow us on Instagram Follow us on LinkedIn Follow us on Facebook Follow us on X Follow us on YouTube Sign up on GovDelivery